Earlier this year it was revealed that hackers had seized 1.5 terabytes of data from HBO, and over the course of the summer the hackers released the stolen property, including script summaries for "Game of Thrones," as well as scripts and entire seasons of other HBO shows. Read More ›

Influencer marketing on social media is a very big business. Here’s how it works: brands team up with individuals with large and engaged followings on social media platforms such as YouTube, Facebook and Instagram (i.e., “influencers”), and pay them to promote their products. Read More ›

The District of Columbia Court of Appeals recently struck down a regulation from the Federal Aviation Administration ("FAA") mandating registration of all drones. The Court found that the registration requirement was too intrusive and overstepped the bounds of the FAA. The petitioner argued that the registration requirement imposed by the FAA violated the statute's clear instruction not to promulgate any rule or regulation relating to model aircraft. The Court found the argument persuasive and vacated the registration rule to the extent it applies to model aircraft used by hobbyist. Read More ›

Recently, international travelers have noticed US Customs and Border Protection agents with increased interest in searching cell phones, laptops, and other portable technology. Employers should be aware that this trend increases the risk that an unauthorized individual will access sensitive company information, which could result in an inadvertent data breach.

Some international travelers have been asked by border agents to unlock cell phones or provide a password needed to unlock the device. One report included a customs agent threatening to seize a travelers' phone if he did not unlock his cellphone. Employers are rightfully concerned that these searches may allow unauthorized individuals to access sensitive company information. Read More ›

In 2016 Lansing, MI's Board of Water and Light fell victim to a cyber-attack that resulted in $2.4 million in costs, including a $25,000 ransom paid to the perpetrators. In the aftermath of the breach, BWL announced that it was filing for a $1.9 million insurance claim under its cyber insurance policy, including $2 million in covered losses, less a $10,000 deductible.

There is a lot at stake for businesses when it comes to cyber-crime, which is why more and more businesses are investigating and purchasing cyber insurance to hedge against the risks associated with cyber security and data privacy. Read More ›

No matter how carefully, thoughtfully and diligently a company works to prevent it, data breaches happen. Company management, IT teams and outside consultants can do everything right and still end up dealing with a breach. That means that knowing how to best respond when (not if) a breach happens should be part of every company’s data protection strategy.

We recommend that every company assemble a security breach team, consisting of individuals inside and outside of the organization who possess different skill sets. This may include technology officers, as well as staff from IT, human resources, communications, legal departments, outside counsel, and outside vendors. The composition of the team will depend on the type and size of the organization, but each member should be in a position and have skills that enable the organization to quickly and properly respond to an incident. The team must also be equipped, authorized and empowered to evaluate and immediately react to an incident once it has occurred. Read More ›

We recently wrote about how a Cyberattack on Lansing, Michigan's Board of Water and Light ("BWL") resulted in costs nearing $2 million for technical support and equipment upgrades. In fact, BWL's total costs have now stretched to $2.4 million, including a $25,000 ransom paid to the attackers. These facts underscore that the costs of such attacks can be enormous, especially when ransomware is involved. Read More ›

A recent decision by the U.S. Court of Appeals for the Sixth Circuit (the “Sixth Circuit”) may make it easier for plaintiffs to bring costly lawsuits against companies that allow sensitive data to fall into the wrong hands. Most troubling from a company's perspective, the Sixth Circuit used language that some states legally require in data breach notification letters to justify allowing the case to move forward. Read more about this case here.